What are the ramifications to a large key length when using pub/priv keys for ssh authentication. I have some remote admin and file transfers to manage and only have ssh access w/o vpn to use for it. Thanks, jlc
"Joseph L. Casale" <jcasale at ActiveNetwerx.com> wrote:>>What are the ramifications to a large key length when using pub/priv keys for ssh authentication. << No particular impact, especially for file transfer. The pub/priv keys are only used for authentication and a symmetric key is used for encrypting traffic during the session. I use a 2048-bit RSA key routinely - if it's any slower than a 1048-bit key during the authentication phase, it's not noticeable, and it has no impact on file transfer. Best, --- Les Bell, RHCE, CISSP [http://www.lesbell.com.au] Tel: +61 2 9451 1144 FreeWorldDialup: 800909 -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20080429/51984239/attachment-0001.html>
>No particular impact, especially for file transfer. The pub/priv keys are only used for authentication and a >symmetric key is used for encrypting traffic during the session. I use a 2048-bit RSA key routinely - if it's any >slower than a 1048-bit key during the authentication phase, it's not noticeable, and it has no impact on file >transfer.I see, how does one manipulate the keys used for data encryption after auth during file transfers for instance? Thanks! jlc
"Joseph L. Casale" <jcasale at ActiveNetwerx.com> wrote:>>I see, how does one manipulate the keys used for data encryption after auth during file transfers for instance? << One doesn't; the session keys are randomly generated and are automatically renewed periodically. Best, --- Les Bell, RHCE, CISSP [http://www.lesbell.com.au] Tel: +61 2 9451 1144 FreeWorldDialup: 800909